Tim Diggins
Tim Diggins
For future reference think that @arapehl's problem with Mountain Lion is actually qt compatibility - you need to install qt 4.7 see https://github.com/johnbintz/jasmine-headless-webkit/issues/101
I think this is a great idea (this is a loop I'm aware of). Devise should still send an email though - it should say something like - please see...
> > Devise should still send an email though - it should say something like - please see the earlier email for the reset password link or wait 10 minutes...
I can see the redirection now (as soon as I've asked for it) in the run() function https://github.com/DanielThomas/oh-your-dotfiles/blob/e2a16ff21d07b5f08aafe333e5f5bf5968609051/lib/terminal.zsh#L26 Which helps - Also having read this (https://stackoverflow.com/questions/55785682/in-bash-how-to-print-to-stdout-when-it-s-already-redirected) I realise that maybe...
TL;DR: I know this feature requests is 4+ years old, but it's really confusing (if I've understood correctly). Ideally someone with commit authority would close this and/or correct what's right...
I'm not a committer, but I don't think this PR is mergeable. Locking devise to an older version of Nokogiri, a gem that gets a lot of security updates will...
> Nokogiri is only used in tests, so there is no real security issue. Oops - yes missed that it was in Gemfile not gemspec... Sorry > But I agree...
Increasing default length is good. Password complexity no: (e.g. as mentioned in PR: https://www.ncsc.gov.uk/collection/passwords/updating-your-approach#PasswordGuidance:UpdatingYourApproach-Donotusecomplexityrequirements). Best defence against brute force is some usage of something like Rack::Attack (e.g. fail2ban/allow2ban/throttling) https://github.com/rack/rack-attack